Declaration Under 37 CFR §1.131



Each of the undersigned, Thomas Messerges, Ezzat Dabbish, Larry Puhl, and
Douglas Kuhlman declare the following:

1. Prior to March 21, 2001, we conceived of the invention in the United States
now claimed in US Patent application number 10/028,164.

2. As evidence of the conception date of the pending application, enclosed are
supporting materials in the form of true copies of original exhibits. These
original exhibits were created by us in the United States and witnessed by a third 
party prior to March 21, 2001. 

3. We exercised due diligence from prior to March 21, 2001 to October 25, 2001 
to prepare and file the pending patent application number 10/028,164. During 
this time period, we continually worked toward preparing the pending patent 
application for filing with the USPTO. 

4. All of the above statements made of our own knowledge are true and all 
statements made on information and belief are believed to be true.
5. We understand that willful false statements and the like are punishable by
fine or imprisonment, or both (18 USC §1001) and may jeopardize the validity of 
the pending application or any patent issuing thereon. 



Thomas Messerges 



Ezzat Dabbish 



Date 
Date 
Larry Puhl



Douglas Kuhlman 
Disclosure for Patent Committee Review
Submitted Pursuant to Employee Agreement 
DISCLOSURE TYPE

Disclosure Number:

Date: February 15, 200#

Division: Corporate

Patent Committee Action:

SHORT FORM [ ] When using the short form, the review committee may request additional information before reaching a decision.
EXPANDED [X] Use additional pages in the expanded form if you feel more information will be necessary for the committee to reach a decision.

1. Title of Invention: A Method for Securely Binding Usage Rules to Digital Content

1a. Key Words: Digital Rights Management (DRM), Digital Content, Content protection, Hash, Certificate

2. Primary or contact point inventor(s) (use your full first, middle and last names. Use page 2 of the expanded disclosure form for contributing inventors)



1) Name: Thomas S. Messerges. Dept. No.: NJTO9. Citizenship: US. Location/Rm.: IL02 Rm 2712. City: Schaumburg, IL.

2) Name: Ezzat A. Dabbish. Dept. No.: AE575. Citizenship: US. Location/Rm.: IL02 Rm 2712. City: Cary, IL.

3) Name: Larry Puhl. Dept. No.: AE579. Citizenship: US. Location/Rm.: IL02 Rm 2256. City: West Dundee, IL.

4) Name: Douglas A. Kuhlman. Dept. No.: AE575. Citizenship: US. Location/Rm.: IL02 Rm 2712. City: Elgin, IL.



3. What was the problem(s) to be solved by the invention or what was the need(s) for the invention: 

The popularity of digital content, such as MP3 music files, electronic games, and DVD movies, is growing at a tremendous rate. Portable,
wireless devices are on the verge of making access to this digital content easier than ever. Content owners, however, are worried that, with
the advent of these new devices, their digital content will become more susceptible to illicit copying and distribution. In order to avoid
widespread piracy, like that prevalent on the Internet (e.g., Napster), there is a need for secure methods to distribute electronic content that
are not subject to abuse.

Digital Rights Management (DRM) is a popular phrase used to describe the protection of rights and the management of rules related to
accessing and processing digital information. These rights and rules govern various aspects of a digital object, such as who owns the object,
how and when an object can be accessed, and how much an object may cost. Content owners hope to use a secure, tamper-resistant DRM
system to enforce the rules associated with a digital object. If the rules say that a digital song cannot be copied, then the DRM system will
not copy it. Likewise, if the rules say that playing a DVD movie will cost $3, then the DRM system will debit the consumer's credit card by
$3. Hackers should not be able to overcome the enforcement of these rules or alter the content associated with these rules. In particular,
hackers should not be able to alter digital objects or their rules without detection.

The problem of protecting digital objects and their rules is not straightforward. Hackers will likely have direct access to the digital objects
and the rules. For example, objects and rules may be stored on the disk drive of a PC where they can be readily accessed by an editing
program. Therefore, since hackers will be able to easily change bits in the digital objects or the rules, the DRM system will need to detect
such changes.

The size of the digital object can become very large. For example, compressed digital songs are typically 3 to 5 Mbits and DVD movies can
be orders of magnitude larger. Verifying that such a large digital object has not been altered can be very time consuming. Our invention
solves this problem by providing an efficient method to detect changes in digital objects and their associated usage rules.
4. What is the prior art, and why doesn't it resolve the problem(s) or fulfill the need(s):

In our situation, the content and usage rules constitute a digital object that we refer to as a "content package". A well-known prior-art
method for authenticating the integrity of a digital object uses a digital signature scheme to sign a cryptographic hash of the object. A prior-art
solution using a digital signature scheme and hash to protect digital content is depicted in Figure 1. According to Figure 1, the first step is
to encrypt the content. The content is encrypted with a secret key to protect it from being used by anyone other than the content purchaser. The
encrypted content is then cryptographically hashed to produce Hash(EC). This hash value is placed into the certificate CCert. The CCert
certificate also contains the content's usage rules along with the content decryption key that is assigned to the content purchaser using
public-key cryptography. Finally, a trusted authority digitally signs the certificate.

Verifying the authenticity of a content package is simple. The first step is to verify the digital signature of CCert. Once the
signature is verified, the hash of the encrypted content is recalculated and compared to the value in the certificate. If the digital signature is valid
and the hash values match, then the content package is deemed authentic. The rendering of content can begin only after the content package
has been authenticated.

The main problem with this prior-art solution is that it can take too long to calculate the hash of the entire content package. A user of a
content rendering device expects rendering to begin immediately. After pressing the play button of an MP3 player, the song should start
playing with minimal delay. If the prior-art method is used, then the hash of the entire content needs to be calculated before the usage rules
can be verified. This could be very time consuming. For example, the estimated time to compute the SHA1 hash of a typical MP3 song,
when using a 16 MHz MCore processor, is around 15 to 20 seconds. Clearly this is too long and a more efficient method is needed. More
background on prior-art data authentication solutions can be found in standard cryptography textbooks such as:

Douglas R. Stinson, "Cryptography: Theory and Practice", CRC Press, 1995.

5. What is the invention being disclosed: 

Our invention eliminates the need to calculate the hash of the entire content package before rendering the content. Instead, the hash is
calculated incrementally and verified as the content is being rendered.

Our invention is depicted in Figure 2. As in the prior-art solution, the first step is to encrypt the content. Next, however, the content is split
into smaller "chunks". The cryptographic hash of each of these chunks is then calculated and stored into a "hash table". The entries of the
hash table are then hashed to create an "overall hash". The overall hash is placed into the certificate CCert that is then signed by a trusted
authority.

The advantages of our scheme become apparent when authenticating the content package. Figure 3 shows that our authentication procedure
begins with a verification of the hash table. The overall hash of the hash table is recalculated and then compared to the hash value in the
CCert certificate. If the hash values agree and the signature on CCert is valid, then the hash table and its binding to the usage rules are
verified. Since the overall hash is not over the entire content, but just the hash table, it can be quickly calculated.

Once the overall hash has been authenticated, the hash of the individual chunks can be verified. Figure 4 shows our procedure for verifying
the authenticity of a chunk. The first step is to recalculate the hash table entry of the chunk and compare it to the actual hash value in the
hash table. Since the hash table has already been authenticated, agreement of the hash values implies that the chunk is authentic. It should be
noted that the computation of a chunk's hash is not as time consuming as computing the hash of the entire content package. Also, this hash
value can be calculated in parallel to the chunk decryption. Thus, rendering can begin almost immediately.

6. How does this invention resolve the problem(s) and fulfill the need(s) in a new way: 
(Attach any drawings or diagrams you feel are necessary for clarification) 

The problem of authenticating digital content and its binding to usage rules was solved using a divide-and-conquer approach. Our invention
calls for the authentication to be conducted in two phases. The first phase provides assurance that the hash table is authentic and bound to
the certificate and rules. This phase can be calculated very quickly since only the hash of the hash table needs to be computed. By hashing
the hash table, hackers are prevented from deleting, adding, or rearranging the content chunks.

The second phase of our invention verifies the authenticity of every content bit. The hash of the content chunk is compared to the hash table
entry to provide final assurance that the content is bound to the certificate and rules. This hash can be calculated one chunk at a time, parallel
to decryption, to enable immediate rendering.

Our invention is even applicable to protecting extremely large content files (i.e., video). In this situation, the hash table can be very large and
even calculating the overall hash becomes too slow. Our invention, with a minor modification, can handle this problem by allowing the hash
table to be subdivided into chunks that are subsequently hashed and added to a secondary hash table. The resulting scheme then uses
multiple layers of hash tables and a single certificate to authenticate all of the hash tables and the content.

Overall, the disclosed invention provides an efficient means to authenticate digital content and bind the content to usage rules. The security
of our scheme is equivalent to prior art methods, while the efficiency is improved.
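
The two-phase check described in items 5 and 6, as an added Python example that is not part of the original disclosure. Assumptions: the input is already-encrypted content, an HMAC under a constructed key stands in for the trusted authority's digital signature on CCert, SHA-256 is used in place of SHA1, and the 4096-byte chunk size and all function names are hypothetical.

```python
import hashlib
import hmac
import json

CHUNK_SIZE = 4096  # assumed; the disclosure does not fix a chunk size

def digest(data: bytes) -> bytes:
    # SHA-256 is used here; the disclosure's timing estimate refers to SHA1.
    return hashlib.sha256(data).digest()

def sign(key: bytes, overall: bytes, rules: dict) -> bytes:
    # HMAC stands in for the trusted authority's digital signature over CCert.
    body = json.dumps({"overall_hash": overall.hex(), "rules": rules}, sort_keys=True)
    return hmac.new(key, body.encode(), hashlib.sha256).digest()

def package(encrypted: bytes, rules: dict, key: bytes):
    """Figure 2: split into chunks, build the hash table, sign the overall hash."""
    chunks = [encrypted[i:i + CHUNK_SIZE] for i in range(0, len(encrypted), CHUNK_SIZE)]
    table = [digest(c) for c in chunks]
    overall = digest(b"".join(table))
    cert = {"overall_hash": overall, "rules": rules, "sig": sign(key, overall, rules)}
    return chunks, table, cert

def verify_table(table, cert, key: bytes) -> bool:
    """Phase 1 (Figure 3): signature on CCert, then overall hash of the hash table."""
    expected = sign(key, cert["overall_hash"], cert["rules"])
    if not hmac.compare_digest(expected, cert["sig"]):
        return False
    return hmac.compare_digest(digest(b"".join(table)), cert["overall_hash"])

def render(chunks, table, cert, key: bytes):
    """Phase 2 (Figure 4): release each chunk only after it matches its table entry."""
    if not verify_table(table, cert, key):
        raise ValueError("hash table or certificate failed authentication")
    if len(chunks) != len(table):
        raise ValueError("chunk count does not match hash table")
    for index, chunk in enumerate(chunks):
        if not hmac.compare_digest(digest(chunk), table[index]):
            raise ValueError(f"chunk {index} failed authentication")
        yield chunk  # decryption and playback of this chunk would happen here

if __name__ == "__main__":
    key = b"constructed-demo-key"  # constructed sample values
    content = b"".join(bytes([i]) * CHUNK_SIZE for i in range(4))
    chunks, table, cert = package(content, {"copy": False, "price_usd": 3}, key)
    print(len(list(render(chunks, table, cert, key))), "chunks authenticated")
```

Phase 1 touches only the hash table and the certificate, so its cost grows with the number of chunks rather than the content size; a chunk altered later in the stream is caught when it is reached, after the earlier chunks have already been released.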

7. Date of conception: January, 2001 and if applicable, date first built (or written) and successfully tested:
8. Product(s) this invention may be used in:
Future Motorola pagers, mobile phones, automotive entertainment systems, and set-top boxes that handle digital content such as music,
books, and video.

9. Date the first offer for sale was made for a product incorporating this invention: 
None, but there are plans to discuss our secure content distribution system with Vivendi/Universal and Disney.

10. Date the first disclosure of this invention was made outside Motorola without a nondisclosure agreement: 

None, but disclosure during an SDMI meeting is being considered.

11. Approvals: 1) Technical Staff or Patent Liaison 2) Management (both required) - Signing this form attests to the fact that you understand the invention



Name/Signature    Dept. No.    Location/Rm. #    Phone Number



2) 

12. Witnesses: 

Witness:    Date:

Witness:    Date:



13.

5) Name    Signature    Dept. No.    Location/Rm. #    Phone Number
   Citizenship    SSN    Street    City    State    ZIP

6) Name    Signature    Dept. No.    Location/Rm. #    Phone Number
   Citizenship    SSN    Street    City    State    ZIP

7) Name    Signature    Dept. No.    Location/Rm. #    Phone Number
   Citizenship    SSN    Street    City    State    ZIP

8) Name    Signature    Dept. No.    Location/Rm. #    Phone Number
   Citizenship    SSN    Street    City    State    ZIP



It is in Motorola's interest to ensure that their products uphold the emerging security requirements for managing digital data, while also
providing for an enjoyable user experience for our consumers. Our disclosed invention provides a novel method to improve a user's
experience by ensuring that their content can be rendered without delays or interruptions due to annoying DRM requirements.

Being first to market with a Digital Rights Management system that does not hinder the end user will secure Motorola's leadership in the
industry. Other organizations may mandate the use of our solution, in which case financial gains can be made from licensing and royalty
fees. In addition, orders for our products can be expected to increase as a result of our name being tied to a secure and user friendly solution.

15. Expanded description; list any additional details you feel would be helpful in describing the invention:



16. Additional details concerning the prior art related to this invention: 



Attach any backup documents or provide any other Information you feel would be helpful in determining the desirability of obtaining a patent on 
this Invention. Any attachments that are critical to the disclosure of the invention should be witnessed. 

See attached Figures 1 to 4.